rename to grype

.goreleaser.yaml

@@ -1,5 +1,5 @@
 builds:
-  - binary: vulnscan
+  - binary: grype
     env:
       - CGO_ENABLED=0
     goos:
@@ -15,15 +15,15 @@ builds:
       -w
       -s
       -extldflags '-static'
-      -X github.com/anchore/vulnscan/internal/version.version={{.Version}}
-      -X github.com/anchore/vulnscan/internal/version.gitCommit={{.Commit}}
-      -X github.com/anchore/vulnscan/internal/version.buildDate={{.Date}}
-      -X github.com/anchore/vulnscan/internal/version.gitTreeState={{.Env.BUILD_GIT_TREE_STATE}}
+      -X github.com/anchore/grype/internal/version.version={{.Version}}
+      -X github.com/anchore/grype/internal/version.gitCommit={{.Commit}}
+      -X github.com/anchore/grype/internal/version.buildDate={{.Date}}
+      -X github.com/anchore/grype/internal/version.gitTreeState={{.Env.BUILD_GIT_TREE_STATE}}
 
 nfpms:
   - license: "Apache 2.0"
     maintainer: "Anchore, Inc"
-    homepage: &website "https://github.com/anchore/vulnscan"
+    homepage: &website "https://github.com/anchore/grype"
     description: &description "A vulnerability scanner for container images and filesystems"
     formats:
       - rpm
@@ -32,7 +32,7 @@ nfpms:
 brews:
   - tap:
       owner: anchore
-      name: homebrew-vulnscan
+      name: homebrew-grype
     homepage: *website
     description: *description
 

README.md

@@ -1 +1 @@
-# vulnscan (TBD Name)
+# grype (TBD Name)

cmd/cmd.go

@@ -4,11 +4,11 @@ import (
 	"fmt"
 	"os"
 
+	"github.com/anchore/grype/grype"
+	"github.com/anchore/grype/internal/config"
+	"github.com/anchore/grype/internal/format"
+	"github.com/anchore/grype/internal/logger"
 	"github.com/anchore/syft/syft"
-	"github.com/anchore/vulnscan/internal/config"
-	"github.com/anchore/vulnscan/internal/format"
-	"github.com/anchore/vulnscan/internal/logger"
-	"github.com/anchore/vulnscan/vulnscan"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"go.uber.org/zap"
@@ -74,7 +74,7 @@ func initLogging() {
 
 	logWrapper := logger.NewZapLogger(config)
 	log = logWrapper.Logger
-	vulnscan.SetLogger(logWrapper)
+	grype.SetLogger(logWrapper)
 	syft.SetLogger(logWrapper)
 }
 

cmd/db_check.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/anchore/vulnscan/vulnscan/db"
+	"github.com/anchore/grype/grype/db"
 	"github.com/spf13/cobra"
 )
 

cmd/db_delete.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/anchore/vulnscan/vulnscan/db"
+	"github.com/anchore/grype/grype/db"
 	"github.com/spf13/cobra"
 )
 

cmd/db_import.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/anchore/vulnscan/vulnscan/db"
+	"github.com/anchore/grype/grype/db"
 	"github.com/spf13/cobra"
 )
 

cmd/db_status.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/anchore/vulnscan/vulnscan/db"
+	"github.com/anchore/grype/grype/db"
 
 	"github.com/spf13/cobra"
 )

cmd/db_update.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/anchore/vulnscan/vulnscan/db"
+	"github.com/anchore/grype/grype/db"
 	"github.com/spf13/cobra"
 )
 

cmd/root.go

@@ -5,11 +5,11 @@ import (
 	"os"
 	"runtime/pprof"
 
+	"github.com/anchore/grype/grype"
+	"github.com/anchore/grype/grype/presenter"
+	"github.com/anchore/grype/internal"
+	"github.com/anchore/grype/internal/format"
 	"github.com/anchore/syft/syft/scope"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/internal/format"
-	"github.com/anchore/vulnscan/vulnscan"
-	"github.com/anchore/vulnscan/vulnscan/presenter"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@@ -80,12 +80,12 @@ func init() {
 func runDefaultCmd(_ *cobra.Command, args []string) error {
 	userImageStr := args[0]
 
-	provider, err := vulnscan.LoadVulnerabilityDb(appConfig.Db.ToCuratorConfig(), appConfig.Db.AutoUpdate)
+	provider, err := grype.LoadVulnerabilityDb(appConfig.Db.ToCuratorConfig(), appConfig.Db.AutoUpdate)
 	if err != nil {
 		return fmt.Errorf("failed to load vulnerability db: %w", err)
 	}
 
-	results, catalog, _, err := vulnscan.FindVulnerabilities(provider, userImageStr, appConfig.ScopeOpt)
+	results, catalog, _, err := grype.FindVulnerabilities(provider, userImageStr, appConfig.ScopeOpt)
 	if err != nil {
 		return fmt.Errorf("failed to find vulnerabilities: %w", err)
 	}

cmd/version.go

@@ -3,8 +3,8 @@ package cmd
 import (
 	"fmt"
 
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/internal/version"
+	"github.com/anchore/grype/internal"
+	"github.com/anchore/grype/internal/version"
 	"github.com/spf13/cobra"
 )
 

go.mod

@@ -1,4 +1,4 @@
-module github.com/anchore/vulnscan
+module github.com/anchore/grype
 
 go 1.14
 

grype/cpe/cpe.go

@@ -3,8 +3,8 @@ package cpe
 import (
 	"fmt"
 
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal"
 	"github.com/facebookincubator/nvdtools/wfn"
 )
 

grype/db/curator.go

@@ -7,11 +7,11 @@ import (
 	"path"
 
 	"github.com/anchore/go-version"
+	"github.com/anchore/grype/internal/file"
+	"github.com/anchore/grype/internal/log"
 	"github.com/anchore/siren-db/pkg/curation"
 	"github.com/anchore/siren-db/pkg/db"
 	"github.com/anchore/siren-db/pkg/store/sqlite/reader"
-	"github.com/anchore/vulnscan/internal/file"
-	"github.com/anchore/vulnscan/internal/log"
 	"github.com/spf13/afero"
 )
 
@@ -119,7 +119,7 @@ func (c *Curator) Validate() error {
 
 func (c *Curator) ImportFrom(dbArchivePath string) error {
 	// note: the temp directory is persisted upon download/validation/activation failure to allow for investigation
-	tempDir, err := ioutil.TempDir("", "vulnscan-import")
+	tempDir, err := ioutil.TempDir("", "grype-import")
 	if err != nil {
 		return fmt.Errorf("unable to create db temp dir: %w", err)
 	}
@@ -174,7 +174,7 @@ func (c *Curator) UpdateTo(listing *curation.ListingEntry) error {
 }
 
 func (c *Curator) download(listing *curation.ListingEntry) (string, error) {
-	tempDir, err := ioutil.TempDir("", "vulnscan-scratch")
+	tempDir, err := ioutil.TempDir("", "grype-scratch")
 	if err != nil {
 		return "", fmt.Errorf("unable to create db temp dir: %w", err)
 	}

grype/db/curator_test.go

@@ -7,9 +7,9 @@ import (
 	"time"
 
 	"github.com/anchore/go-version"
+	"github.com/anchore/grype/internal"
+	"github.com/anchore/grype/internal/file"
 	"github.com/anchore/siren-db/pkg/curation"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/internal/file"
 	"github.com/spf13/afero"
 )
 

grype/lib.go

@@ -1,24 +1,24 @@
-package vulnscan
+package grype
 
 import (
 	"fmt"
 
-	"github.com/anchore/vulnscan/vulnscan/db"
+	"github.com/anchore/grype/grype/db"
 
-	"github.com/anchore/vulnscan/vulnscan/logger"
+	"github.com/anchore/grype/grype/logger"
 
+	"github.com/anchore/grype/grype/matcher"
+	"github.com/anchore/grype/grype/result"
+	"github.com/anchore/grype/grype/vulnerability"
+	"github.com/anchore/grype/internal/log"
 	"github.com/anchore/syft/syft"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
 	"github.com/anchore/syft/syft/scope"
-	"github.com/anchore/vulnscan/internal/log"
-	"github.com/anchore/vulnscan/vulnscan/matcher"
-	"github.com/anchore/vulnscan/vulnscan/result"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 // note: lib name must be a single word, all lowercase
-const LibraryName = "vulnscan"
+const LibraryName = "grype"
 
 func FindVulnerabilities(provider vulnerability.Provider, userImageStr string, scopeOpt scope.Option) (result.Result, *pkg.Catalog, *scope.Scope, error) {
 	log.Info("Cataloging image")

grype/match/match.go

@@ -3,8 +3,8 @@ package match
 import (
 	"fmt"
 
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Match struct {

grype/matcher/bundler/matcher.go

@@ -1,11 +1,11 @@
 package bundler
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/common"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/common"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Matcher struct {

grype/matcher/common/cpe_matchers.go

@@ -3,10 +3,10 @@ package common
 import (
 	"fmt"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/version"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/version"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 func FindMatchesByPackageCPE(store vulnerability.ProviderByCPE, p *pkg.Package, upstreamMatcher match.MatcherType) ([]match.Match, error) {

grype/matcher/common/cpe_matchers_test.go

@@ -1,12 +1,12 @@
 package common
 
 import (
+	"github.com/anchore/grype/grype/cpe"
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/version"
+	"github.com/anchore/grype/grype/vulnerability"
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/vulnscan/cpe"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/version"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 	"testing"
 )
 

grype/matcher/common/distro_matchers.go

@@ -4,12 +4,12 @@ package common
 import (
 	"fmt"
 
-	"github.com/anchore/vulnscan/vulnscan/version"
+	"github.com/anchore/grype/grype/version"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 func FindMatchesByPackageDistro(store vulnerability.ProviderByDistro, d distro.Distro, p *pkg.Package, upstreamMatcher match.MatcherType) ([]match.Match, error) {

grype/matcher/common/distro_matchers_test.go

@@ -4,12 +4,12 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/version"
+	"github.com/anchore/grype/grype/vulnerability"
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/version"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type mockDistroProvider struct {

grype/matcher/common/language_matchers.go

@@ -4,11 +4,11 @@ package common
 import (
 	"fmt"
 
-	"github.com/anchore/vulnscan/vulnscan/version"
+	"github.com/anchore/grype/grype/version"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 func FindMatchesByPackageLanguage(store vulnerability.ProviderByLanguage, l pkg.Language, p *pkg.Package, upstreamMatcher match.MatcherType) ([]match.Match, error) {

grype/matcher/common/language_matchers_test.go

@@ -4,11 +4,11 @@ import (
 	"fmt"
 	"testing"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/version"
+	"github.com/anchore/grype/grype/vulnerability"
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/version"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type mockLanguageProvider struct {

grype/matcher/controller.go

@@ -1,18 +1,18 @@
 package matcher
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/bundler"
+	"github.com/anchore/grype/grype/matcher/dpkg"
+	"github.com/anchore/grype/grype/matcher/java"
+	"github.com/anchore/grype/grype/matcher/javascript"
+	"github.com/anchore/grype/grype/matcher/python"
+	"github.com/anchore/grype/grype/matcher/rpmdb"
+	"github.com/anchore/grype/grype/result"
+	"github.com/anchore/grype/grype/vulnerability"
+	"github.com/anchore/grype/internal/log"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal/log"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/bundler"
-	"github.com/anchore/vulnscan/vulnscan/matcher/dpkg"
-	"github.com/anchore/vulnscan/vulnscan/matcher/java"
-	"github.com/anchore/vulnscan/vulnscan/matcher/javascript"
-	"github.com/anchore/vulnscan/vulnscan/matcher/python"
-	"github.com/anchore/vulnscan/vulnscan/matcher/rpmdb"
-	"github.com/anchore/vulnscan/vulnscan/result"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 var controllerInstance controller

grype/matcher/dpkg/matcher.go

@@ -3,11 +3,11 @@ package dpkg
 import (
 	"fmt"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/common"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/common"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 	"github.com/jinzhu/copier"
 )
 

grype/matcher/dpkg/matcher_mocks_test.go

@@ -3,10 +3,10 @@ package dpkg
 import (
 	"strings"
 
+	"github.com/anchore/grype/grype/version"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/version"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type mockProvider struct {

grype/matcher/dpkg/matcher_test.go

@@ -3,10 +3,10 @@ package dpkg
 import (
 	"testing"
 
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/vulnscan/match"
 )
 
 func TestMatcherDpkg_matchBySourceIndirection(t *testing.T) {

grype/matcher/java/matcher.go

@@ -1,11 +1,11 @@
 package java
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/common"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/common"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Matcher struct {

grype/matcher/javascript/matcher.go

@@ -1,11 +1,11 @@
 package javascript
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/common"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/common"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Matcher struct {

grype/matcher/matcher.go

@@ -1,10 +1,10 @@
 package matcher
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Matcher interface {

grype/matcher/python/matcher.go

@@ -1,11 +1,11 @@
 package python
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/common"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/common"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Matcher struct {

grype/matcher/rpmdb/matcher.go

@@ -1,11 +1,11 @@
 package rpmdb
 
 import (
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/matcher/common"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/matcher/common"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 )
 
 type Matcher struct {

grype/presenter/json/presenter.go

@@ -4,8 +4,8 @@ import (
 	"encoding/json"
 	"io"
 
+	"github.com/anchore/grype/grype/result"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/result"
 )
 
 // Presenter is a generic struct for holding fields needed for reporting

grype/presenter/json/presenter_test.go

@@ -6,10 +6,10 @@ import (
 	"testing"
 
 	"github.com/anchore/go-testutils"
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/result"
+	"github.com/anchore/grype/grype/vulnerability"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/result"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 	"github.com/sergi/go-diff/diffmatchpatch"
 )
 

grype/presenter/presenter.go

@@ -3,9 +3,9 @@ package presenter
 import (
 	"io"
 
+	"github.com/anchore/grype/grype/presenter/json"
+	"github.com/anchore/grype/grype/result"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/presenter/json"
-	"github.com/anchore/vulnscan/vulnscan/result"
 )
 
 // Presenter is the main interface other Presenters need to implement

grype/result/result.go

@@ -1,8 +1,8 @@
 package result
 
 import (
+	"github.com/anchore/grype/grype/match"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/match"
 )
 
 // TODO: consider moving this to the pkg/match under matches.go

grype/version/version.go

@@ -4,8 +4,8 @@ import (
 	"fmt"
 
 	hashiVer "github.com/anchore/go-version"
+	"github.com/anchore/grype/grype/cpe"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/cpe"
 	deb "github.com/knqyf263/go-deb-version"
 )
 

grype/vulnerability/namespace.go

@@ -4,9 +4,9 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/internal"
 )
 
 type namer func(p *pkg.Package) []string
@@ -51,7 +51,7 @@ func distroNamespace(d distro.Distro) string {
 
 func languageNamespaces(l pkg.Language) map[string]namer {
 	namespaces := make(map[string]namer)
-	// TODO: can we drive this from information from vulnscan-db? that would be ideal...
+	// TODO: can we drive this from information from grype-db? that would be ideal...
 	switch l {
 	case pkg.Ruby:
 		namespaces["github:gem"] = defaultNamer

grype/vulnerability/provider.go

@@ -1,9 +1,9 @@
 package vulnerability
 
 import (
+	"github.com/anchore/grype/grype/cpe"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/cpe"
 )
 
 type Provider interface {

grype/vulnerability/store_provider.go

@@ -3,10 +3,10 @@ package vulnerability
 import (
 	"fmt"
 
+	"github.com/anchore/grype/grype/cpe"
 	"github.com/anchore/siren-db/pkg/db"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/cpe"
 	"github.com/facebookincubator/nvdtools/wfn"
 )
 

grype/vulnerability/store_provider_test.go

@@ -1,13 +1,13 @@
 package vulnerability
 
 import (
-	"github.com/anchore/vulnscan/vulnscan/cpe"
+	"github.com/anchore/grype/grype/cpe"
 	"github.com/go-test/deep"
 	"testing"
 
+	"github.com/anchore/grype/grype/version"
 	"github.com/anchore/syft/syft/distro"
 	"github.com/anchore/syft/syft/pkg"
-	"github.com/anchore/vulnscan/vulnscan/version"
 )
 
 func TestGetByDistro(t *testing.T) {

grype/vulnerability/vulnerability.go

@@ -5,9 +5,9 @@ import (
 
 	"github.com/anchore/siren-db/pkg/db"
 
-	"github.com/anchore/vulnscan/vulnscan/cpe"
+	"github.com/anchore/grype/grype/cpe"
 
-	"github.com/anchore/vulnscan/vulnscan/version"
+	"github.com/anchore/grype/grype/version"
 )
 
 type Vulnerability struct {

internal/config/config.go

@@ -5,12 +5,12 @@ import (
 	"path"
 	"strings"
 
-	"github.com/anchore/vulnscan/vulnscan/presenter"
+	"github.com/anchore/grype/grype/presenter"
 
 	"github.com/adrg/xdg"
+	"github.com/anchore/grype/grype/db"
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/scope"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/vulnscan/db"
 	"github.com/mitchellh/go-homedir"
 	"github.com/spf13/viper"
 	"go.uber.org/zap/zapcore"

internal/constants.go

@@ -1,4 +1,4 @@
 package internal
 
 // note: must be a single word, all lowercase
-const ApplicationName = "vulnscan"
+const ApplicationName = "grype"

internal/log/log.go

@@ -1,6 +1,6 @@
 package log
 
-import "github.com/anchore/vulnscan/vulnscan/logger"
+import "github.com/anchore/grype/grype/logger"
 
 var Log logger.Logger = &nopLogger{}
 

internal/logger/zap.go

@@ -3,7 +3,7 @@ package logger
 import (
 	"os"
 
-	"github.com/anchore/vulnscan/internal/format"
+	"github.com/anchore/grype/internal/format"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 )

internal/version/update.go

@@ -15,7 +15,7 @@ var latestAppVersionURL = struct {
 }{
 	// TODO: set me to release host/path before release
 	host: "https://anchore.io",
-	path: "/vulnscan/releases/latest/VERSION",
+	path: "/grype/releases/latest/VERSION",
 }
 
 func IsUpdateAvailable() (bool, string, error) {

main.go

@@ -1,7 +1,7 @@
 package main
 
 import (
-	"github.com/anchore/vulnscan/cmd"
+	"github.com/anchore/grype/cmd"
 )
 
 func main() {

test/inline-compare/Makefile

@@ -1,12 +1,12 @@
 IMAGE = "centos:8"
 IMAGE_CLEAN = $(shell echo $(IMAGE) | tr ":" "_")
-VULNSCAN_DIR = vulnscan-reports
-VULNSCAN_REPORT = $(VULNSCAN_DIR)/$(IMAGE_CLEAN).json
+grype_DIR = grype-reports
+grype_REPORT = $(grype_DIR)/$(IMAGE_CLEAN).json
 INLINE_DIR = inline-reports
 INLINE_REPORT = $(INLINE_DIR)/$(IMAGE_CLEAN)-content-os.json
 
-ifndef VULNSCAN_DIR
-	$(error VULNSCAN_DIR is not set)
+ifndef grype_DIR
+	$(error grype_DIR is not set)
 endif
 
 ifndef INLINE_DIR
@@ -17,9 +17,9 @@ endif
 all: compare
 
 .PHONY: compare
-compare: $(INLINE_REPORT) $(VULNSCAN_REPORT)
-	docker build -t compare-vulnscan:latest .
-	docker run compare-vulnscan:latest $(IMAGE)
+compare: $(INLINE_REPORT) $(grype_REPORT)
+	docker build -t compare-grype:latest .
+	docker run compare-grype:latest $(IMAGE)
 
 $(INLINE_REPORT):
 	echo "Creating $(INLINE_REPORT)..."
@@ -28,12 +28,12 @@ $(INLINE_REPORT):
 	mv anchore-reports/* $(INLINE_DIR)/
 	rmdir anchore-reports
 
-$(VULNSCAN_REPORT):
-	echo "Creating $(VULNSCAN_REPORT)..."
-	mkdir -p $(VULNSCAN_DIR)
+$(grype_REPORT):
+	echo "Creating $(grype_REPORT)..."
+	mkdir -p $(grype_DIR)
 	docker pull $(IMAGE)
-	go run ../../main.go $(IMAGE) -o json > $(VULNSCAN_REPORT)
+	go run ../../main.go $(IMAGE) -o json > $(grype_REPORT)
 
 .PHONY: clean
 clean:
-	rm -f $(INLINE_DIR)/*  $(VULNSCAN_DIR)/*
+	rm -f $(INLINE_DIR)/*  $(grype_DIR)/*

test/inline-compare/compare.py

@@ -49,7 +49,7 @@ class InlineScan:
         return vulnerabilities, metadata
 
 
-class Vulnscan:
+class grype:
 
     report_tmpl = "{image}.json"
 
@@ -89,50 +89,50 @@ def main(image):
     inline = InlineScan(image=image, report_dir="inline-reports")
     inline_vulnerabilities, inline_metadata = inline.vulnerabilities()
 
-    vulnscan = Vulnscan(image=image, report_dir="vulnscan-reports")
-    vulnscan_vulnerabilities, vulnscan_metadata = vulnscan.vulnerabilities()
+    grype = grype(image=image, report_dir="grype-reports")
+    grype_vulnerabilities, grype_metadata = grype.vulnerabilities()
 
-    if len(vulnscan_vulnerabilities) == 0 and len(inline_vulnerabilities) == 0:
+    if len(grype_vulnerabilities) == 0 and len(inline_vulnerabilities) == 0:
         print("nobody found any vulnerabilities")
         return 0
 
-    same_vulnerabilities = vulnscan_vulnerabilities & inline_vulnerabilities
+    same_vulnerabilities = grype_vulnerabilities & inline_vulnerabilities
     percent_overlap_vulnerabilities = (
         float(len(same_vulnerabilities)) / float(len(inline_vulnerabilities))
     ) * 100.0
 
-    bonus_vulnerabilities = vulnscan_vulnerabilities - inline_vulnerabilities
-    missing_pacakges = inline_vulnerabilities - vulnscan_vulnerabilities
+    bonus_vulnerabilities = grype_vulnerabilities - inline_vulnerabilities
+    missing_pacakges = inline_vulnerabilities - grype_vulnerabilities
 
     inline_metadata_set = set()
     for vulnerability in inline_vulnerabilities:
         metadata = inline_metadata[vulnerability.package.type][vulnerability.package]
         inline_metadata_set.add((vulnerability.package, metadata))
 
-    vulnscan_metadata_set = set()
-    for vulnerability in vulnscan_vulnerabilities:
-        metadata = vulnscan_metadata[vulnerability.package.type][vulnerability.package]
-        vulnscan_metadata_set.add((vulnerability.package, metadata))
+    grype_metadata_set = set()
+    for vulnerability in grype_vulnerabilities:
+        metadata = grype_metadata[vulnerability.package.type][vulnerability.package]
+        grype_metadata_set.add((vulnerability.package, metadata))
 
-    same_metadata = vulnscan_metadata_set & inline_metadata_set
+    same_metadata = grype_metadata_set & inline_metadata_set
     percent_overlap_metadata = (
         float(len(same_metadata)) / float(len(inline_metadata_set))
     ) * 100.0
 
     if len(bonus_vulnerabilities) > 0:
-        print("Vulnscan Bonus vulnerability:")
+        print("grype Bonus vulnerability:")
         for vulnerability in sorted(list(bonus_vulnerabilities)):
             print("    " + repr(vulnerability))
         print()
 
     if len(missing_pacakges) > 0:
-        print("Vulnscan Missing vulnerability:")
+        print("grype Missing vulnerability:")
         for vulnerability in sorted(list(missing_pacakges)):
             print("    " + repr(vulnerability))
         print()
 
     print("Inline Packages  : %d" % len(inline_vulnerabilities))
-    print("Vulnscan Packages: %d" % len(vulnscan_vulnerabilities))
+    print("grype Packages: %d" % len(grype_vulnerabilities))
     print()
     print(
         "Baseline Vulnerabilities Matched: %2.3f %% (%d/%d vulnerability)"

test/integration/match_coverage_test.go

@@ -4,13 +4,13 @@ import (
 	"testing"
 
 	"github.com/anchore/go-testutils"
+	"github.com/anchore/grype/grype"
+	"github.com/anchore/grype/grype/match"
+	"github.com/anchore/grype/grype/result"
+	"github.com/anchore/grype/grype/vulnerability"
+	"github.com/anchore/grype/internal"
 	"github.com/anchore/syft/syft/pkg"
 	"github.com/anchore/syft/syft/scope"
-	"github.com/anchore/vulnscan/internal"
-	"github.com/anchore/vulnscan/vulnscan"
-	"github.com/anchore/vulnscan/vulnscan/match"
-	"github.com/anchore/vulnscan/vulnscan/result"
-	"github.com/anchore/vulnscan/vulnscan/vulnerability"
 	"github.com/sergi/go-diff/diffmatchpatch"
 )
 
@@ -214,7 +214,7 @@ func TestPkgCoverageImage(t *testing.T) {
 			tarPath := testutils.GetFixtureImageTarPath(t, test.fixtureImage)
 			defer cleanup()
 
-			actualResults, catalog, theScope, err := vulnscan.FindVulnerabilities(
+			actualResults, catalog, theScope, err := grype.FindVulnerabilities(
 				vulnerability.NewProviderFromStore(theStore),
 				"docker-archive://"+tarPath,
 				scope.AllLayersScope,

vulnscan/presenter/json/test-fixtures/snapshot/TestEmptyJsonPresenter.golden

@@ -1 +0,0 @@
-[]

vulnscan/presenter/json/test-fixtures/snapshot/TestJsonPresenter.golden

@@ -1,26 +0,0 @@
-[
- {
-  "cve": "CVE-1999-0001",
-  "found-by": {
-   "matcher": "dpkg-matcher",
-   "search-key": ""
-  },
-  "package": {
-   "name": "package-1",
-   "version": "1.0.1",
-   "type": "deb"
-  }
- },
- {
-  "cve": "CVE-1999-0002",
-  "found-by": {
-   "matcher": "dpkg-matcher",
-   "search-key": ""
-  },
-  "package": {
-   "name": "package-1",
-   "version": "1.0.1",
-   "type": "deb"
-  }
- }
-]